Setup Firewall

Overview

This function configures a firewall for each service.

Configuration is required for each MNT, RMT and FST port.

  • MNT port

    The MNT port is used for general communication between the storage system and the external hosts.

  • RMT port

    The RMT port is used when the line must be separated from the MNT port.

  • FST port

    The FST port is used for maintenance of the storage system.

Caution
  • If both HTTP and HTTPS have been disabled, Web GUI cannot access the storage system.

  • If both Telnet and SSH have been disabled, CLI cannot access the storage system.

  • If ports of all the services are disabled, access to the storage system is not allowed.

  • When the firewall setting is changed, it takes approximately 10 seconds to update the storage system information. To display the most recently updated screen, wait at least 10 seconds and click the [] icon in the [Network] screen or click [Network] in category.

Note
  • To configure the network environment of the storage system, use the [Setup Network Environment] function.

Settings

Firewall Settings

In this screen, configure the firewall of each port for each service.

Item Description Setting values

Acceptable Protocol

Web GUI (HTTP)

Specify whether to enable or disable the HTTP connection. Select the checkbox to enable the connection.

HTTP is used when accessing from Web GUI.

Selected: Enabled

Cleared: Disabled (Default)

Web GUI (HTTPS)

Specify whether to enable or disable the HTTPS connection. Select the checkbox to enable the connection.

HTTPS is used when accessing from Web GUI. This connection uses the data encryption for data transferring.

Selected: Enabled (Default)

Cleared: Disabled

CLI (Telnet)

Specify whether to enable or disable the Telnet connection. Select the checkbox to enable the connection.

Telnet is used when accessing from CLI.

Selected: Enabled

Cleared: Disabled (Default)

CLI (SSH)

Specify whether to enable or disable the SSH connection. Select the checkbox to enable the connection.

Secure Shell (SSH) is used when accessing from CLI. This connection uses the data encryption for data transferring.

Selected: Enabled (Default)

Cleared: Disabled

RESTful API (HTTPS)

Specify whether to enable or disable the RESTful API connection. Select the checkbox to enable the connection.

RESTful API is an HTTPS-based call interface of the web system and is implemented according to REpresentational State Transfer (REST).

Selected: Enabled (Default)

Cleared: Disabled

SMI-S (HTTP)

Specify whether to enable or disable the SMI-S (HTTP) connection. Select the checkbox to enable the connection.

Specify whether to enable or disable the SMI-S (HTTP) connection for the MNT port. SMI-S is a standard specification concerning storage management technologies by Storage Networking Industry Association (SNIA).

Selected: Enabled

Cleared: Disabled (Default)

SMI-S (HTTPS)

Specify whether to enable or disable the SMI-S (HTTPS) connection. Select the checkbox to enable the connection.

Specify whether to enable or disable the SMI-S (HTTPS) connection for the MNT port.

Selected: Enabled (Default)

Cleared: Disabled

SMI-S (SLP)

Specify whether to enable or disable the SMI-S (SLP) connection. Select the checkbox to enable the connection.

Specify whether to enable or disable the SMI-S (SLP) connection for the MNT port.

Selected: Enabled (Default)

Cleared: Disabled

ICMP

Specify whether to enable or disable the ICMP connection. Select the checkbox to enable the connection.

The Internet Control Message Protocol (ICMP) is used when sending the "ping" command from a PC.

Selected: Enabled (Default)

Cleared: Disabled

Maintenance-Secure

Specify whether to enable or disable the Maintenance-Secure connection. Select the checkbox to enable the connection.

Maintenance-Secure is used when connecting with the monitoring software. This connection uses the data encryption for data transferring.

Selected: Enabled (Default)

Cleared: Disabled

SNMP

Specify whether to enable or disable the SNMP connection. Select the checkbox to enable the connection.

The Simple Network Management Protocol (SNMP) is used when accessing from SNMP Agent Manager.

Selected: Enabled (Default)

Cleared: Disabled

RCIL

Specify whether to enable or disable the RCIL connection. Select the checkbox to enable the connection.

Whether to enable or disable this parameter can only be set for the MNT port. The Remote Cabinet Interface over LAN (RCIL) controls the power of the storage system from a host via Ethernet by using the Intelligent Platform Management Interface (IPMI), which is a general protocol.

Selected: Enabled

Cleared: Disabled (Default)

Operating Procedures

  1. Select which port to set the firewall for (multiple selections can be made) and click [Setup Firewall] in [Action].

  2. Specify whether to enable or disable the connection of each service, and click the [Set] button.

    → A confirmation screen appears.

  3. Click the [OK] button.

    → Setting of the firewall starts.

  4. Click the [Done] button to return to the [Network] screen.